3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Only compromised machines still linked in to the Conficker botnet will be affected by anything the worm is instructed to do, said security firm Kaspersky.

Conficker is believed to have infected up to 10 million computers and security researchers say there is evidence the worm will get further instructions on 1 April, prompting fears of cyber-attack.

The latest variants of the worm are capable of disabling firewalls and anti-virus software and updating themselves using peer-to-peer networks as well as internal networks.

Although potentially dangerous, this issue has been over-hyped said Rick Howard, director of security intelligence at security supplier iDefense.

Microsoft, which issued a patch for Conficker in October 2008, is offering a reward of $250,000 for finding the creators of the virus.

The precautions responsible users and organisations have taken already will protect them from all the latest Conficker variants, Howard said.

This means IT administrators should ensure every system on their network has the appropriate MS08-067patch applied, said Jason Miller, security manager at security firm Shavlik Technologies.

This should include internal and external, physical and virtual machines, he said.

The patch must be applied before attempting to clean systems, otherwise systems will simply become reinfected in an endless cycle, Miller said.

Start the conversation

0 comments

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.